On Sun, Mar 18, 2012 at 11:19 AM, steve <st...@steve-ss.com> wrote: > On 17/03/12 18:00, Andreas Oster wrote: > >> I want to achieve the following: >> >> 1) allow non-Windows machines (printers, ILO ...) to be added by dhcpd >> 2) allow Windows machines (joined to AD) to update their own entries >> >> 2 - already works with the configuration from samba wiki >> >> Thank you for your kind help >> >> best regards >> >> Andreas >> >> Hi > I'm not sure if his is what you mean but we have a lan of windows and > linux clients under s4. Both win and Linux clients get their IP via dhcp. > You can see the Kerberos dialogue reveal the IP when the box first > connects. It is a different IP after each boot. So, if Linux counts as non > windows, then yes, it works. We did nothing apart from adding the dlz stuff > to bind. > Cheers, > Steve > Unfortunately, this is a problematic configuration for public encryption key systems, namely HTTPS and SSH servers. In particular, there's nothing like two SSH servers (namely most Linux systems) migrating to the same IP address at differents to cause conniptions for the SSH clients who shriek "AAAHHHH!!! I HAVE MISMATCHED PUBLIC HOSTKEYS FOR THAT ADDRESS AND NO TOOL EXCEPT YOUR MANUAL TEXT EDITOR TO CLEAR THEM!!! WAILL!!! SH-R-I-E-K-K-K!!!!"
The usual solution to this is to provide DHCP reservations with stable IP addresses for all available hosts. This is triviial with ISC DHCP, and requires manual intervention or some very clever scripting with AD based DHCP. It's also why it's often handy to put the vaguely stable Linux hosts in their own VLAN or address range: it makes the DHCP reservation management easier. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba